• 0 Posts
  • 1 Comment
Joined 9 months ago
cake
Cake day: March 28th, 2024

help-circle
  • I think if systemd were documented in a more consumable format (the man pages need better organization IMO) more people would see how powerful it is. Mounting directories with BindPath, and BindPathRO, Limiting systemcalls, socket activation and cgroup integration, and nspawn containers are features I can’t live without.

    I feel like a lot of people that get attached to the “It tries to do everything and it’s against the unix philosophy” argument might change their minds when they see the tradeoffs. It has its problems for sure, but you get a lot out of it.

    These days I don’t even use docker containers for running services. I just put it in a systemd service and lock it down as tightly as I can.